DIVD-2024-00047 - Multiple critical vulnerablilties in Palo Alto Networks PAN-OS devices
Our reference | DIVD-2024-00047 |
Case lead | Alwin Warringa |
Researcher(s) | |
CVE(s) | |
Products |
|
Versions |
|
Recommendation | Patch your version to a non-vulnerable version |
Patch status | Patch available |
Workaround | none |
Status | Open |
Last modified | 21 Nov 2024 10:16 CET |
Summary
An authentication bypass in Palo Alto Networks PAN-OS software (CVE-2024-0012) enables an unauthenticated attacker with network access to the management interface to gain PAN-OS administrator privileges to perform administrative actions, tamper with the configuration, or exploit other authenticated privilege escalation vulnerabilities like CVE-2024-9474
Recommendations
To remediate CVE-2024-0012 and CVE-2024-9474, update to a non-vulnerable version. You can find a link to the Palo Alto bulletin at the bottom of this post.
What we are doing
DIVD is currently working to identify parties that are running a vulnerable version of Palo Alto PAN-OS and to notify these parties.
Timeline
Date | Description |
---|---|
11 Nov 2024 | DIVD starts researching the vulnerability. |
20 Nov 2024 | DIVD finds fingerprint, preparing to scan. |
21 Nov 2024 | Case opened and starting first scan. |
21 Nov 2024 | DIVD begins notifying owners of vulnerable systems. |
gantt
title DIVD-2024-00047 - Multiple critical vulnerablilties in Palo Alto Networks PAN-OS devices
dateFormat YYYY-MM-DD
axisFormat %e %b %Y
section Case
DIVD-2024-00047 - Multiple critical vulnerablilties in Palo Alto Networks PAN-OS devices (still open) :2024-11-11, 2024-12-10
section Events
DIVD starts researching the vulnerability. : milestone, 2024-11-11, 0d
DIVD finds fingerprint, preparing to scan. : milestone, 2024-11-20, 0d
Case opened and starting first scan. : milestone, 2024-11-21, 0d
DIVD begins notifying owners of vulnerable systems. : milestone, 2024-11-21, 0d
More information
- CVE-2024-0012
- CVE-2024-9474
- Palo Alto Security Bullitin for CVE-2024-0012
- Palo Alto Security Bulletin for CVE-2024-9474